Apple web server notifications

This article provides credit to people who have reported potential security issues in Apple's web servers.

Credits

2019-03-07 ade.apple.com

A server configuration issue was addressed. We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for reporting this issue.

2019-03-01 play.itunes.apple.com

A server configuration issue was addressed. We would like to acknowledge Gil Bahat of Magisto for reporting this issue.

2019-02-27 mapsconnect.apple.com

A server configuration issue was addressed. We would like to acknowledge Kareem Mohammed (@KendoClaw1) for reporting this issue.

2019-02-27 developer.apple.com

A server configuration issue was addressed. We would like to acknowledge Chris Ball (https://twitter.com/chriswb) for reporting this issue.

2019-02-26 investor.apple.com

A server configuration issue was addressed. We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for reporting this issue.

2019-02-23 info.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2019-02-20 as-images.apple.com

A server configuration issue was addressed. We would like to acknowledge Abbas Mamoun (facebook.com/AbassMamoun) for reporting this issue.

2019-02-13 privacy.apple.com

A server configuration issue was addressed. We would like to acknowledge Jan-Christian Föh of programmanstalt for reporting this issue.

2019-02-08 bugreport.apple.com

A server configuration issue was addressed. We would like to acknowledge Adithyan Ak of OWASP Coimbatore for reporting this issue.

2019-02-04 trailers.apple.com

A server configuration issue was addressed. We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for reporting this issue.

2019-02-04 discussions.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Ashish Gautam Kamble for reporting this issue.

2019-02-01 support.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Aung Myat Thu (@xai_yak) and Vivek Krishna A of Zoho Corporation for reporting this issue.

2019-02-01 support.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge MyoKo (@nutronex) for reporting this issue.

2019-01-29 discussions.apple.com

A server configuration issue was addressed. We would like to acknowledge Muhammad Faizan Akhtar for reporting this issue.

2019-01-24 filemakerjobbard.com

A server configuration issue was addressed. We would like to acknowledge 王邦宇 of wAnyBug.Com for reporting this issue.

2019-01-24 bugreport.apple.com

A server configuration issue was addressed. We would like to acknowledge Ronald van der Meer (contact.vandermeer.frl) for reporting this issue.

2019-01-21 icloud.com

A server configuration issue was addressed. We would like to acknowledge Eugene Kaznacheev of Ecwid (ecwid.com), wytrawny_Dijkstra, and 王邦宇 of wAnyBug.Com for reporting this issue.

2018-06-18 invisage.com

A server configuration issue was addressed. We would like to acknowledge Chinmay Patel (@Chinmay_228) for reporting this issue.

2019-01-17 swift.org

A server configuration issue was addressed. We would like to acknowledge B.Dhiyaneshwaran of Geek Freak (Tamilnadu) for reporting this issue.

2019-01-09 ma-webcast-prod-mdn.apple.com

A server configuration issue was addressed. We would like to acknowledge Dzianis Skliar (EPAM Systems) for reporting this issue.

2019-01-03 locate.apple.com

A server configuration issue was addressed. We would like to acknowledge Nisheal A John of Karunya University, India for reporting this issue.

2019-01-03 carpoolkaraoke.applemusic.com

A server configuration issue was addressed. We would like to acknowledge Wai Yan Aung(@waiyanaun9) for reporting this issue.

2018-12-18 github.com/apple

A server configuration issue was addressed. We would like to acknowledge Maksym Kraynyuk (facebook.com/mr.maxim) for reporting this issue.

2018-12-07 apple.com

A server configuration issue was addressed. We would like to acknowledge Robert Wiggins for reporting this issue.

2018-12-03 me.com

A server configuration issue was addressed. We would like to acknowledge Stevan White of Northwest Florida State College for reporting this issue.

2018-11-29 icloud.com

A server configuration issue was addressed. We would like to acknowledge João Pimenta for reporting this issue.

2018-11-23 ecommerce.apple.com

A server configuration issue was addressed. We would like to acknowledge Cem Onat Karagun (linkedin.com/in/cemkaragun) of Threat and Vulnerability Management Team of IBTech for reporting this issue.

2018-11-23 appleid.apple.com

A server configuration issue was addressed. We would like to acknowledge Ariel Carbonaro (@SirKuryaki) for reporting this issue.

2018-11-22 colormasters.apple.com

A server configuration issue was addressed. We would like to acknowledge Gocha Okradze for reporting this issue.

2018-11-22 discussions.apple.com

A server configuration issue was addressed. We would like to acknowledge Michael Mattioli of mmattioli.com for reporting this issue.

2018-10-31 apple.com

A server configuration issue was addressed. We would like to acknowledge Raviteja Marella for reporting this issue.

2018-10-15 itunes.apple.com

A server configuration issue was addressed. We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for reporting this issue.

2018-10-11 myaccess.apple.com

A server configuration issue was addressed. We would like to acknowledge Gareth Bryan (linkedin.com/in/garethjbryan/) for reporting this issue.

2018-10-09 apple.com

A server configuration issue was addressed. We would like to acknowledge Akityo of Topsec (Zhiqiang Li) for reporting this issue.

2018-09-28 east-secvpn.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Marc-Etienne M.Léveillé of ESET (eset.com/uk/) for reporting this issue.

2018-09-28 discussions.apple.com

A server configuration issue was addressed. We would like to acknowledge Tim Leung (@strayapanda) for reporting this issue.

2018-09-27 cl5.apple.com

A server configuration issue was addressed. We would like to acknowledge Egor Saltykov (@ansjdnakjdnajkd) of Digital Security for reporting this issue.

2018-09-26 appstoreconnect.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Rajanish Pathak (@h4ckologic) for reporting this issue.

2018-09-24 apple.com

A server configuration issue was addressed. We would like to acknowledge Mikail Tunç (@emtunc) (emtunc.org) for reporting this issue.

2018-09-24 cl5.apple.com

A server configuration issue was addressed. We would like to acknowledge Nishaanth Guna of Appknox (@67616d654661636) for reporting this issue.

2018-09-20 apple.com

A server configuration issue was addressed. We would like to acknowledge François Gaudreault for reporting this issue.

2018-09-19 icloud.com

A cross-site scripting issue was addressed. We would like to acknowledge Edison He (@0xedison) for reporting this issue.

2018-09-17 corp.apple.com

A server configuration issue was addressed. We would like to acknowledge Léandre Forget-Besnard for reporting this issue.

2018-09-10 apple.com

A cross-site scripting issue was addressed. We would like to acknowledge U.Kiran vas Reddy (facebook.com/kiranreddyrebel) for reporting this issue.

2018-09-10 getsupport.apple.com

A server configuration issue was addressed. We would like to acknowledge Mohan Kallepalli (@MohanKallepalli) for reporting this issue.

2018-09-05 communities.apple.com

A server configuration issue was addressed. We would like to acknowledge Man Shum (instagram.com/evmannn/) for reporting this issue.

2018-08-31 beatsprm-prz.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2018-08-29 wellnessclassic.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2018-08-29 appleid.apple.com

A server configuration issue was addressed. We would like to acknowledge Aryan Sinha (aryansinha.com) for reporting this issue.

2018-08-27 shopnow.apple.com

A server configuration issue was addressed. We would like to acknowledge Wai Yan Aung (@waiyanaun9) for reporting this issue.

2018-08-27 facebook.appstore.com

A server configuration issue was addressed. We would like to acknowledge Wai Yan Aung (@waiyanaun9) for reporting this issue.

2017-08-25 webcast.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2018-08-22 pcr.apple.com

A server configuration issue was addressed. We would like to acknowledge Tyler Hawkins (hawkinsecurity.com) for reporting this issue.

2018-08-21 caldav.icloud.com

A server configuration issue was addressed. We would like to acknowledge Numan Türle (@numanturle) for reporting this issue.

2018-08-20 origin-tips-prn.apple.com

A server configuration issue was addressed. We would like to acknowledge Leonid Hartmann (@_harleo) for reporting this issue.

2018-08-18 collection.filemaker.com

A server configuration issue was addressed. We would like to acknowledge Wai Yan Aung (@waiyanaun9) for reporting this issue.

2018-08-06 bugs.swift.org

A server configuration issue was addressed. We would like to acknowledge Adesh Nandkishor Kolte of Independent Security Researcher, India (@AdeshKolte) and Agametov Rustam (@AgametovRustam) for reporting this issue.

2018-08-01 mynews.apple.com

A server configuration issue was addressed. We would like to acknowledge Aaron Ghirardelli (linkedin.com/in/aaronghirardelli), an anonymous researcher, Ramy Khuffash of Page Flows (linkedin.com/in/ramykhuffash/), Wai Yan Aung (@waiyanaun9) for reporting this issue.

2018-08-01 itunes.apple.com

A server configuration issue was addressed. We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for reporting this issue.

2018-08-01 icloud.com

A cross-site scripting issue was addressed. We would like to acknowledge Berk İmran (@berk_imran) (Berkimran.com.tr) for reporting this issue.

2018-07-31 ivpn3.apple.com

A server configuration issue was addressed. We would like to acknowledge Belov Sergey (@kaimi_ru) (linkedin.com/in/bserg/) for reporting this issue.

2018-07-18 itunes.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Jaikishan Tulswani (@_iamjk) for reporting this issue.

2018-07-09 solutions.filemaker.com

A server configuration issue was addressed. We would like to acknowledge Anil Tom (facebook.com/aniltomank) for reporting this issue.

2018-07-06 apple.com

A server configuration issue was addressed. We would like to acknowledge Ilia Bulatov (@barracud4_) and Alexandr Evstigneev (@sab0tag3d) of Digital Security for reporting this issue.

2018-06-29 helposx.apple.com

A server configuration issue was addressed. We would like to acknowledge Belov Sergey (@kaimi_ru) (linkedin.com/in/bserg/) for reporting this issue.

2018-06-22 rivftp.apple.com

A server configuration issue was addressed. We would like to acknowledge Paul Seekamp (linkedin.com/in/paulseekamp) for reporting this issue.

2018-06-18 live-promotions.apple.com

A server configuration issue was addressed. We would like to acknowledge Jonathan Bouman (protozoan.nl) for reporting this issue.

2018-06-16 itunes.apple.com

A server configuration issue was addressed. We would like to acknowledge Anil Tom for reporting this issue.

2018-06-13 applemusicfestival.com

A server configuration issue was addressed. We would like to acknowledge Shubham Maheshwari (linkedin.com/in/shubhack319) for reporting this issue.

2018-06-12 ara.apple.com

A server configuration issue was addressed. We would like to acknowledge Anas Mahmood (@CyberTiger) for reporting this issue.

2018-06-12 ara.apple.com

A server configuration issue was addressed. We would like to acknowledge Anas Mahmood (@CyberTiger) for reporting this issue.

2018-06-08 ma-tmp-lapp25.corp.apple.com

A server configuration issue was addressed. We would like to acknowledge João Filho Matos Figueiredo (@joaomatosf) for reporting this issue.

2018-06-08 ams-dr.apple.com

A server configuration issue was addressed. We would like to acknowledge João Filho Matos Figueiredo (@joaomatosf) for reporting this issue.

2018-06-08 ams.apple.com

A server configuration issue was addressed. We would like to acknowledge João Filho Matos Figueiredo (@joaomatosf) for reporting this issue.

2018-06-08 ara.apple.com

A server configuration issue was addressed. We would like to acknowledge Anas Mahmood (@CyberTiger) and Ismail Tasdelen (linkedin.com/in/ismailtasdelen/) for reporting this issue.

2018-05-29 apple.com

A server configuration issue was addressed. We would like to acknowledge Sam Eizad (linkedin.com/in/sameizad) of Certezza for reporting this issue.

2018-05-02 apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Tsubasa Iinuma of Gehirn Inc. for reporting this issue.

2018-04-30 feedback.apple.com

A server configuration issue was addressed. We would like to acknowledge Havoc Guhan (குகன் ராஜா) of தமிழ் பசங்க ஹேக்கர்ஸ் for reporting this issue.

2018-04-25 ecommerce.apple.com

A server configuration issue was addressed. We would like to acknowledge Umesh P Jore (linkedin.com/in/umesh-jore-55015194) for reporting this issue.

2018-04-26 asw-cdn.apple.com

A server configuration issue was addressed. We would like to acknowledge Kotaro Hikita (@KotaroHikita) for reporting this issue.

2018-04-24 mp4ra.apple.com

A server configuration issue was addressed. We would like to acknowledge Abhishek Sidharth (facebook.com/ab2op4u) for reporting this issue.

2018-04-23 apple.com

A cross-site request forgery issue was addressed. We would like to acknowledge Ravikumar Ulchala (in.linkedin.com/in/ravikumarulchala) and EA Akalanka Ekanayake of WinterShift Inc.

2018-04-10 gsx.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2018-04-09 support.apple.com

A server configuration issue was addressed. We would like to acknowledge Monika Talekar (linkedin.com/in/monika-talekar-oscp-8012b891) for reporting this issue.

2018-04-03 volumeitunesprogramdownloadtool.apple.com

A server configuration issue was addressed. We would like to acknowledge Mikhail Klyuchnikov (Positive Technologies) for reporting this issue.

2018-03-31 store.apple.com

A cross-site request forgery issue was addressed. We would like to acknowledge Faiz Ahmed Zaidi Url (linkedin.com/in/faizzaidi) of Provensec LLC Url (provensec.com) for reporting this issue.

2018-03-29 credo.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2018-03-20 gsxut.apple.com

A server configuration issue was addressed. We would like to acknowledge Rumak Ivan (vk.com/internet_bully) for reporting this issue.

2018-03-20 ogcportal-ext.apple.com

A server configuration issue was addressed. We would like to acknowledge @Timedout of Moresec Security Team (moresec.cn) for reporting this issue.

2018-03-19 gsx2ut-new.apple.com

A server configuration issue was addressed. We would like to acknowledge Rumak Ivan (vk.com/internet_bully) for reporting this issue.

2018-03-15 esign.apple.com

A server configuration issue was addressed. We would like to acknowledge Tansel ÇETİN (tanselcetin.com) for reporting this issue.

2018-03-08 beta.apple.com

A server configuration issue was addressed. We would like to acknowledge Vyshnav N K (vyshnavvizz.dx.am) of Kerala for reporting this issue.

2018-02-26 apple.com

A server configuration issue was addressed. We would like to acknowledge KirtiKumar Anandrao Ramchandani (linkedin.com/in/kirtikumar-anandrao-ramchandani-ba949b153/) for reporting this issue.

2018-02-20 buy.itunes.apple.com

A server configuration issue was addressed. We would like to acknowledge Ayoub AIT ELMOKHTAR (@aessadek) for reporting this issue.

2018-02-09 esign.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Nick Kelley for reporting this issue.

2018-02-06 bugreport.apple.com

A server configuration issue was addressed. We would like to acknowledge John Daniel of Etresoft, Inc. for reporting this issue.

2018-02-05 corp.apple.com

A server configuration issue was addressed. We would like to acknowledge Alexey Dorogin (@travgen) for reporting this issue.

2018-02-01 pttest.apple.com

A server configuration issue was addressed. We would like to acknowledge Deepak Holani of Jaipur Engineering College and Research Centre (facebook.com/deepak.holani.5) for reporting this issue.

2018-01-19 embed.apple.media

A cross-site scripting issue was addressed. We would like to acknowledge Lewis Ardern (@LewisArdern) for reporting this issue.

2018-01-12 ade.apple.com

A server configuration issue was addressed. We would like to acknowledge Ali Wamim Khan (@WamimKhan) for reporting this issue.

2018-01-12 appleseed.apple.com

A server configuration issue was addressed. We would like to acknowledge Florian Kiersch of ERNW GmbH (@fkp42k) for reporting this issue.

2018-01-04 apple.com

A server configuration issue was addressed. We would like to acknowledge Michael F (@TsundereDwarf), Morgan S (@14160) and Miku T for reporting this issue.

2017-12-17 lists.apple.com

A server configuration issue was addressed. We would like to acknowledge Ahmed atef abdou (linkedin.com/in/ahmed-pentest/) of AAA for reporting this issue.

2017-12–15 mfi.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-12-13 cbl.apple.com

A server configuration issue was addressed. We would like to acknowledge Juba Baghdad (@JubaBaghdad) for reporting this issue.

2017-12-13 cbl.apple.com

A server configuration issue was addressed. We would like to acknowledge CongRong (@Tr3jer) and Kravchenko Stas (@zuh4n) for reporting this issue.

2017-12-12 k.apple.com

A server configuration issue was addressed. We would like to acknowledge Anas Mahmood (@CyberTiger) for reporting this issue.

2017-12-12 discussions.apple.com

A cross-site request forgery issue was addressed. We would like to acknowledge Rony Gigi for reporting this issue.

2017-12-08 discussions.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Tansel ÇETİN (linkedin.com/in/tanselcetin) for reporting this issue.

2017-12-06 consultants.apple.com

A server configuration issue was addressed. We would like to acknowledge Steven Hampton (@Keritzy) for reporting this issue.

2017-12-05 icloud.com

A server configuration issue was addressed. We would like to acknowledge Yongjin Kim (adm1nkyj) of adm1nkyj.kr researcher for reporting this issue.

2017-11-10 icloud.com

A server configuration issue was addressed. We would like to acknowledge Stephen Binns and Garry Shutler of Cronofy (cronofy.com) for reporting this issue.

2017-11-09 av.apple.com

A server configuration issue was addressed. We would like to acknowledge Charles Truluck of Porter-Gaud School for reporting this issue.

2017-11-09 auth.com

A server configuration issue was addressed. We would like to acknowledge Annybell Villarroel (@Annyv2) of Auth0 for reporting this issue.

2017-10-24 facebook.itunes.com

A server configuration issue was addressed. We would like to acknowledge Wai Yan Aung (@waiyanaun9) and Hsu Myat Noe (@hsumyatno3) for reporting this issue.

2017-10-04 iforgot.apple.com

A server configuration issue was addressed. We would like to acknowledge Yeasir Arafat (facebook.com/skylinearafat.arafat) of Bangladeshi, Cyber Security Researcher, and an anonymous researcher for reporting this issue.

2017-09-27 support.apple.com

A server configuration issue was addressed. We would like to acknowledge Sarankumar VB (linkedin.com/in/saranvb/) for reporting this issue.

2017-09-20 your.beatsbydre.com

A server configuration issue was addressed. We would like to acknowledge Pal Patel of LDRP-ITR and Pal Patel of SJS for reporting this issue.

2017-09-13 iforgot.apple.com

A server configuration issue was addressed. We would like to acknowledge Faid Mohammed Amine (@b4ckDo0r3d) of University specialized in IT Development, Sagar Bhavar* (@sagarbhavar) of SecurView, Pune, and an anonymous researcher for reporting this issue.

2017-08-29 support.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Taha Smily (@TahakhanTaha) for reporting this issue.

2017-08-24 beatsbydre.com

A server configuration issue was addressed. We would like to acknowledge Corben Leo (sxcurity.github.io) for reporting this issue.

2017-08-24 beatsbydre.com

A server configuration issue was addressed. We would like to acknowledge Moamen Basel (@momenbassel) for reporting this issue.

2017-08-24 beatsbydre.com

A cross-site scripting issue was addressed. We would like to acknowledge Corben Leo (sxcurity.github.io) for reporting this issue.

2017-08-23 asw.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Raviraj Hariba Shedage for reporting this issue.

2017-08-22 developer.filemaker.com

A server configuration issue was addressed. We would like to acknowledge Harnoorpreet Singh (facebook.com/preetnoorz) of Nihal Singh Wala, Anas Mahmood (@AnasIsHere) for reporting this issue.

2017-08-22 icloud.com

A server configuration issue was addressed. We would like to acknowledge Josh English (@joshenglish) and Manuel Huez of ProcessOut (processout.com) for reporting this issue.

2017-08-21 ssical-prz.apple.com

A server configuration issue was addressed. We would like to acknowledge Chris Chan (linkedin.com/in/chriscjl) of VXRL for reporting this issue.

2017-08-21 itunesconnect.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-08-17 tw.apple.com

A server configuration issue was addressed. We would like to acknowledge Wai Yan Aung (@waiyanaun9) for reporting this issue.

2017-08-11 images.apple.com

A server configuration issue was addressed. We would like to acknowledge Cem Onat Karagun (linkedin.com/in/cemkaragun) of the I.T. Department of University of Kocaeli for reporting this issue.

2017-08-03 tw.apple.com

A server configuration issue was addressed. We would like to acknowledge Wai Yan Aung (@waiyanaun9) for reporting this issue.

2017-08-03 ws01.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Yongjin Kim (adm1nkyj) of adm1nkyj.kr for reporting this issue.

2017-08-03 rad.apple.com

A server configuration issue was addressed. We would like to acknowledge Guifre Ruiz (guif.re) for reporting this issue.

2017-08-03 solutions.filemaker.com

A clickjacking issue was addressed. We would like to acknowledge Akbar kp of Aforecybersec for reporting this issue.

2017-07-21 itunes.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Kiyong Kwak (part23) for reporting this issue.

2017-07-12 icloud.com

A cross-site scripting issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-07-08 itunesu.itunes.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Marc Castejon of Silent Breach Inc. for reporting this issue.

2017-07-06 itunesconnect.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-07-02 applepaysupplies.com

A cross-site scripting issue was addressed. We would like to acknowledge Kamil Sevi (@kamilsevi) for reporting this issue.

2017-07-02 live-promotions.apple.com

A server configuration issue was addressed. We would like to acknowledge Fredrik Nordberg Almroth for reporting this issue.

2017-07-02 store.apple.com

A server configuration issue was addressed. We would like to acknowledge William Entriken (@fulldecent) of phor.net for reporting this issue.

2017-07-01 apple.com

A server configuration issue was addressed. We would like to acknowledge Sven Soltermann (handyman.ch) for reporting this issue.

2017-06-29 ssl.apple.com

A server configuration issue was addressed. We would like to acknowledge Ala Arfaoui (facebook.com/alaa.arfaoui) for reporting this issue.

2017-06-27 icloud.com

A cross-site scripting issue was addressed. We would like to acknowledge Gareth Bryan (linkedin.com/in/garethjbryan/) for reporting this issue.

2017-06-26 feedback.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-06-01 afsportal.euro.apple.com

A server configuration issue was addressed. We would like to acknowledge Vedachala (theinformationsecurity.com) for reporting this issue.

2017-05-31 pttest.apple.com

A server configuration issue was addressed. We would like to acknowledge Seyed Morteza Haghiralsadat of CERT Lab of Ferdowsi University of Mashhad for reporting this issue.

2017-05-31 lists.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-05-30 developer.filemaker.com

A server configuration issue was addressed. We would like to acknowledge Sadik Shaikh (linkedin.com/in/sadikshaikh) of ExtremeHacking.org for reporting this issue.

2017-05-30 consultants.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Richard Alviarez (@queseguridad) for reporting this issue.

2017-05-27 apple.com

A server configuration issue was addressed. We would like to acknowledge Mohammed Israil (facebook.com/VillageLad) for reporting this issue.

2017-05-23 investor.apple.com

A clickjacking issue was addressed. We would like to acknowledge Blake Rand of Grandview Preparatory School for reporting this issue.

2017-05-22 feedback.apple.com

A server configuration issue was addressed. We would like to acknowledge Seyed Morteza Haghiralsadat of CERT Lab of Ferdowsi University of Mashhad for reporting this issue.

2017-05-12 linkmaker.itunes.apple.com

A server configuration issue was addressed. We would like to acknowledge Richard Shupak (linkedin.com/in/rshupak) for reporting this issue.

2017-05-12 webcast.apple.com

A server configuration issue was addressed. We would like to acknowledge Adrien Paulet of Rbcafe (rbcafe.com) and an anonymous researcher for reporting this issue.

2017-05-12 apple.com

A server configuration issue was addressed. We would like to acknowledge Micheal Cottingham for reporting this issue.

2017-05-09 search.developer.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Wai Yan Aung (@waiyanaun9) for reporting this issue.

2017-05-03 icloud.com

A cross-site scripting issue was addressed. We would like to acknowledge Musab Alhussein (linkedin.com/in/musab1) of RespondTeam.com for reporting this issue.

2017-05-03 id.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-05-02 bugreport.apple.com

A server configuration issue was addressed. We would like to acknowledge Daniel Compton (danielcompton.net) researcher for reporting this issue.

2017-04-25 your.beatsbydre.com

A cross-site scripting issue was addressed. We would like to acknowledge Emre KOSEOGLU, Edwin Foudil (edwinfoudil.com), and Luke McInerney (linkedin.com/in/luke-mcinerney) of Babson College for reporting this issue.

2017-04-24 getsupport.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge @Timedout of Moresec Security Team (moresec.cn) and Yoni Ramon (linkedin.com/in/yoni-ramon-7a853430/) of Tesla for reporting this issue.

2017-04-21 icloud.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-04-20 apple.com

A server configuration issue was addressed. We would like to acknowledge Mike Pieters (mikepieters.nl) of bitsense for reporting this issue.

2017-04-20 itunes.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-04-18 ssl.apple.com

A server configuration issue was addressed. We would like to acknowledge Sam Edward Gaikwad (facebook.com/imzephyr), and an anonymous researcher for reporting this issue.

2017-04-18 retailjss.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017–04-18 store.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-04-18 developer.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Joel Ahlstedt (@jolle) for reporting this issue.

2017-04-18 clearmater.apple.com

A server configuration issue was addressed. We would like to acknowledge Kravchenko Stas (@zuh4n) for reporting this issue.

2017-04-18 atlaslms.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Mustafa Hasan (@strukt93) of Netsparker for reporting this issue.

2017-04-18 support.apple.com

A server configuration issue was addressed. We would like to acknowledge MD. Toufique Imam Chowdhury (facebook.com/toufiqueimam) for reporting this issue.

2017-04-12 beatsbydre.com

A server configuration issue was addressed. We would like to acknowledge Vipin Chaudhary (@vipinxsec) for reporting this issue.

2017-04-12 opensource.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Alec Blance (facebook.com/alec.blance) for reporting this issue.

2017-04-10 itunesconnect.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-03-30 icloud.com

A server configuration issue was addressed. We would like to acknowledge Jose Carlos Exposito Bueno for reporting this issue.

2017-03-28 bugreport.apple.com

A server configuration issue was addressed. We would like to acknowledge Seth Vargo (@sethvargo) of HashiCorp for reporting this issue.

2017-03-24 developer.filemaker.com

A cross-site scripting issue was addressed. We would like to acknowledge Joseph Jose (@josephjose_96) for reporting this issue.

2017-03-24 apple.com

A server configuration issue was addressed. We would like to acknowledge Zain Amro (zaytoun.io) for reporting this issue.

2017-03-23 filemakerjobbard.com

A server configuration issue was addressed. We would like to acknowledge Amol Bhure (linkedin.com/in/amolbhure/) of Attify Inc. (attify.com), Ajay S. Kulal (@ajay_kulal) of Dr. Homi Bhabha Vidyalaya, and Gerardo Venegas (@v0raz) for reporting this issue.

2017-03-22 support.apple.com

A server configuration issue was addressed. We would like to acknowledge Owen Pragel (linkedin.com/in/owenpragel/).

2017-03-21 itunes.com

A cross-site scripting issue was addressed. We would like to acknowledge Christian Goldbach (linkedin.com/in/christian-goldbach) for reporting this issue.

2017-03-21 icloud.com

A server configuration issue was addressed. We would like to acknowledge Richard Shupak (linkedin.com/in/rshupak) for reporting this issue.

2017-03-20 getsupport.apple.com

A server configuration issue was addressed. We would like to acknowledge Eusebiu Blindu (@testalways) for reporting this issue.

2017-03-16 beatsbydre.com

A server configuration issue was addressed. We would like to acknowledge Daniyal Nasir (linkedin.com/in/daniyalnasir) for reporting this issue.

2017-03-16 beatsbydre.com

A server configuration issue was addressed. We would like to acknowledge Akshay Jain for reporting this issue.

2017-03-16 bestbydre.com

A cross-site scripting issue was addressed. We would like to acknowledge Muhammad Khizer Javed of SecurityBreached.com.pk, Kunal Khubchandani (@__kun4l__), Muhammad Uwais (@Muhd_Uwais_), Mohammed Abdul Raheem of Shadan College of Engineering and Technology (Hyderabad), and an anonymous researcher for reporting this issue.

2017-03-15 discussions.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Seyed Morteza Haghiralsadat and Sajjad Pourali of CERT of Ferdowsi University of Mashhad for reporting this issue.

2017-03-07 mfi.apple.com

A server configuration issue was addressed. We would like to acknowledge Nike.Zheng of Webin security lab (dbapp security Ltd.), Zhaohuan of Tencent Security Platform (security.tencent.com), and YongShao - zhiyong Feng of JDSEC (1aq.com) for reporting this issue.

2017-03-07 developer.apple.com

A server configuration issue was addressed. We would like to acknowledge Zhaohuan of Tencent Security Platform (security.tencent.com) for reporting this issue.

A server configuration issue was addressed. We would like to acknowledge Jayson Vasquez Rubio of Iloilo Science and Technology University, ISAT-U for reporting this issue.

2017-02-28 itunesconnect.apple.com

A clickjacking issue was addressed. We would like to acknowledge AbedAlqader Swedan (facebook.com/crypter1996a), Rahmat Nurfauzi (linkedin.com/in/rahmatnurfauzi), and Viral Maniar (@maniarviral) for reporting this issue.

2017-02-28 direct.filemaker.com

A server configuration issue was addressed. We would like to acknowledge Ajay S. Kulal (@ajay_kulal) of Dr. Homi Bhabha Vidyalaya, Tarapur for reporting this issue.

2017-02-27 procurementportal.apple.com

A server configuration issue was addressed. We would like to acknowledge Sadik Shaikh (linkedin.com/in/sadikshaikh) of ExtremeHacking.org for reporting this issue.

2017-02-27 idmsa.apple.com

A server configuration issue was addressed. We would like to acknowledge Ahsan Tahir (@AhsanTahirAT) for reporting this issue.

2017-02-13 beatsbydre.com

A server configuration issue was addressed. We would like to acknowledge Ashutosh Kumar (@divashutosh) and Callum Carney for reporting this issue.

2017-02-06 appleid.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2017-02-03 iforgot.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Kieran Claessens (kieranclaessens.be) of Howest for reporting this issue.

2017-02-02 mynews.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Vishal Shukla (@shukla304), Abhishek Shroti (@Fake_Politics), Mustafa Hasan (strukt), Hussain Adnan Hashim (@hussain_0x3c), and an anonymous researcher for reporting this issue.

2017-01-30 procurementportal.apple.com

A server configuration issue was addressed. We would like to acknowledge Seyed Morteza Haghiralsadat (linkedin.com/in/seyed-morteza-haghiralsadat-05325471/), CERT LAB Ferdowsi University of Mashhad, Iran.

2017-01-27 itunes.phgconsole.performancehorizon.com

A server configuration issue was addressed. We would like to acknowledge Vignesh.v (facebook.com/profile.php?id=100006823931855) for reporting this issue.

2017-01-24 itunes.com

A server configuration issue was addressed. We would like to acknowledge Sergey Bobrov (@Black2Fan) for reporting this issue.

2017-01-20 filemaker.com

A server configuration issue was addressed. We would like to acknowledge Anas Roubi (@Qasuar) for reporting this issue.

2017-01-18 help.filemaker.com

A cross-site scripting issue was addressed. We would like to acknowledge Rahul Dattatraya Kankrale of Servicenger for reporting this issue.

2016-12-20 myaccess.apple.com

A server configuration issue was addressed. We would like to acknowledge Yogesh Anil Tantak (facebook.com/ytantak1) for reporting this issue.

2016-12-20 support.apple.com

A server configuration issue was addressed. We would like to acknowledge Nikhil Kumar (linkedin.com/in/nikhil-kumar-20ba0a24/) of Neogrowth Credit Pvt. Ltd. for reporting this issue.

2016-12-18 challengebasedlearning.org

A cross-site request forgery issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2016-12-18 challengebasedlearning.org

A cross-site request forgery issue was addressed. We would like to acknowledge Er Pratik Panchal of Infobit Technologies for reporting this issue.

A cross site scripting issue was addressed. We would like to acknowledge Florian Kunushevci (facebook.com/misteriozi.pirat.kwg) for reporting this issue.

2016-09-13 apple.com

A cross site scripting issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2016-09-13 apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Jake Eaton (linkedin.com/in/jake-eaton), Sahil Tikoo of Thakur College, Rahul Dattatraya Kankrale (@RahulKankrale) of servicenger.com, Matthew Telfer (MLT) of Project Insecurity (@ret2libc), and Cameron Dawe of Spam404 (@Spam404Online) for reporting this issue.

2016-09-12 carrierlink.apple.com

A server configuration issue was addressed. We would like to acknowledge HexTitan for reporting this issue.

2016-09-12 identity.appple.com

A server configuration issue was addressed. We would like to acknowledge Michael Stepankin of Positive Technologies (@Artsploit) for reporting this issue.

2016-09-02 presslogin.beatsbydre.com

A server configuration issue was addressed. We would like to acknowledge Kenny Hietbrink (hietbr.ink) of Syntra West for reporting this issue.

2016-08-31 privftp.apple.com

A clickjacking issue was addressed. We would like to acknowledge Mohamed A. Baset of Seekurity.com SAS de C.V. Mexico for reporting this issue.

2016-8-31 apple.com

A server configuration issue was addressed. We would like to acknowledge Faast Team of ElevenPaths.com for reporting this issue.

2016-08-29 filemaker.com

A cross-site scripting issue was addressed. We would like to acknowledge Ayoub Nait Lamine for reporting this issue.

2016-08-25 auth.me.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2016-08-16 icloud.com

A server configuration issue was addressed. We would like to acknowledge Lucas Toriello (linkedin.com/in/lucastoriello) of ESIEA (C+V)° Laboratory for reporting this issue.

2016-08-16 icloud.com

A server configuration issue was addressed. We would like to acknowledge Alexander Traud of (traud.de) for reporting this issue.

2016-08-10 apple.com

A server configuration issue was addressed. We would like to acknowledge Brooke Schreier Ganz (@Asparagirl) for reporting this issue.

2016-08-09 consultants-locator.apple.com

A server configuration issue was addressed. We would like to acknowledge Abdullah Hussam (ahussam.me) for reporting this issue.

2016-08-08 itunesconnect.apple.com

A server configuration issue was addressed. We would like to acknowledge Simon Maddox and an anonymous researcher for reporting this issue.

2016-07-27 apple.com

A server configuration issue was addressed. We would like to acknowledge Ye Yint Min Thu Htut (YGN Ethical Hacker group yehg.net) and Satyam Rastogi (facebook.com/hackersatyamrastogi) for reporting this issue.

2016-07-26 download.info.apple.com

A server configuration issue was addressed. We would like to acknowledge Ye Yint Min Thu Htut (YGN Ethical Hacker group yehg.net) for reporting this issue.

2016-07-25 apple.com

A server configuration issue was addressed. We would like to acknowledge Ahmed Elsobky (@0xSobky) for reporting this issue.

2016-07-22 lookup-api.apple.com

A cross site scripting issue was addressed. We would like to acknowledge Orange Tsai of DEVCORE for reporting this issue.

2016-07-22 developer.filemaker.com

A cross site scripting issue was addressed. We would like to acknowledge Dharamvir Bisht (linkedin.com/in/dharamvirbisht) for reporting this issue.

2016-07-13 yuri.apple.com

A server configuration issue was addressed. We would like to acknowledge Adrián Condes for reporting this issue.

2016-07-13 appstore.com

A server configuration issue was addressed. We would like to acknowledge Richard Shupak (linkedin.com/in/rshupak) for reporting this issue.

2016-07-11 retailjss.apple.com

A server configuration issue was addressed. We would like to acknowledge Micheal Cottingham for reporting this issue.

2016-07-11 itunesu.itunes.apple.com

A cross site scripting issue was addressed. We would like to acknowledge Hasan Emre Özer for reporting this issue.

2016-07-05 canadaapp.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2016-06-23 challengebasedlearning.org

A SQL injection issue was addressed. We would like to acknowledge Shawar Khan (facebook.com/shawarkhanskofficial) (shawarkhan.com) for reporting this issue.

2016-06-20 beatsbydre.com

A cross-site request forgery issue was addressed. We would like to acknowledge Aaditya Purani of IET-SEAS (@aaditya_purani) for reporting this issue.

2016-06-17 itunes.apple.com

A cross site scripting issue was addressed. We would like to acknowledge Cameron Dawe of Spam404 (@Spam404Online) and Abhishek Shroti (@Fake_Politics) for reporting this issue.

2016-06-03 foundationdb.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2016-06-03 beatsbydre.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2016-05-11 linkmaker.itunes.apple.com

A server configuration issue was addressed. We would like to acknowledge Richard Shupak (linkedin.com/in/rshupak) for reporting this issue.

2016-05-11 support.apple.com

A server configuration issue was addressed. We would like to acknowledge Ye Yint Min Thu Htut (YGN Ethical Hacker group yehg.net) for reporting this issue.

2016-05-11 icloud.com

A server configuration issue was addressed. We would like to acknowledge Gary O'Leary-Steele (sec-1.com) and Graham Bacon (appcheck-ng.com) for reporting this issue.

2016-05-11 icloud.com

A server configuration issue was addressed. We would like to acknowledge Gary O'Leary-Steele of sec-1.com and Graham Bacon of appcheck-ng.com for reporting this issue.

2016-05-06 ecommerce.apple.com

A server configuration issue was addressed. We would like to acknowledge Sébastien Kaul for reporting this issue.

2016-05-05 itunes.apple.com

A server configuration issue was addressed. We would like to acknowledge Akshay Jain (facebook.com/akshayjain011) for reporting this issue.

2016-05-05 itunes.apple.com

A server configuration issue was addressed. We would like to acknowledge Akshay Jain (facebook.com/akshayjain011) for reporting this issue.

2016-04-27 apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2016-04-22 apple.com

A server configuration issue was addressed. We would like to acknowledge SaifAllah benMassaoud of Evolution Security GmbH - Government Laboratory (facebook.com/WhiteHatSecuri) for reporting this issue.

2016-04-20 trailers.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Edwin Foudil (edwinfoudil.com) for reporting this issue.

2016-04-20 jobs.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Cosmin Maier of Zeroday.pro Labs for reporting this issue.

2016-04-13 trailers.apple.com

A cross site scripting issue was addressed. We would like to acknowledge Edwin Foudil (edwinfoudil.com) for reporting this issue.

2016-04-11 myaccess.apple.com

A server configuration issue was addressed. We would like to acknowledge Latish Danawale (facebook.com/latish.danawale.14) and Suraj Mulik (facebook.com/suraj.mulik) for reporting this issue.

2016-04-14 apple.com

A server configuration issue was addressed. We would like to acknowledge Ing. Darnhofer Armin of Optix-IO AG for reporting this issue.

2016-03-16 appleid.apple.com

A cross site scripting issue was addressed. We would like to acknowledge Mustafa Hasan (@strukt93) for reporting this issue.

2016-03-03 training.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Sandeep Singh Rehal of NTT Europe for reporting this issue.

2016-03-02 wwdcservo.apple.com

A server configuration issue was addressed. We would like to acknowledge Micheal Cottingham for reporting this issue.

2016-02-08 consultants.apple.com

A server configuration issue was addressed. We would like to acknowledge an anonymous researcher for reporting this issue.

2016-02-10 icloud.com

A server configuration issue was addressed. We would like to acknowledge Richard Shupak (linkedin.com/in/rshupak) for reporting this issue.

2016-02-10 icloud.com

A cross-site scripting issue was addressed. We would like to acknowledge Kieran Claessens (@KieranClaessens) for reporting this issue.

2016-02-08 consultants.apple.com

A server configuration issue was addressed. We would like to acknowledge Kapil Soni (Haxinos) of Xowia Technologies, India for reporting this issue.

2016-02-08 volume.itunes.apple.com

A server configuration issue was addressed. We would like to acknowledge Guilherme Scombatti (linkedin.com/in/guilhermescombatti) for reporting this issue.

2016-02-08 consultants.apple.com

A server configuration issue was addressed. We would like to acknowledge Charfeddine Hamdi (@tws_charfeddine) of Tunisian WhiteHat Security for reporting this issue.

2016-02-04 filemaker.com

A server configuration issue was addressed. We would like to acknowledge Micheal Cottingham for reporting this issue.

2016-02-04 rtc.euro.apple.com

A clickjacking issue was addressed. We would like to acknowledge Guilherme Scombatti (linkedin.com/in/guilhermescombatti) for reporting this issue.

2016-02-02 support.beatsmusic.com and support.burstly.com

A server configuration issue was addressed. We would like to acknowledge Harry M. Gertos for reporting this issue.

2016-02-01 presslogin.beatsbydre.com

A server configuration issue was addressed. We would like to acknowledge Harsh Jaiswal (@rootxflood) & Rudra for reporting this issue.

2016-01-27 rtc.euro.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Mousab Elhag Hassan (facebook.com/mousab.elhag) of mousab.com and an anonymous researcher for reporting this issue.

2016-01-26 apple.com

A cross-site scripting issue was addressed. We would like to acknowledge U.Kiranvas Reddy (fb.com/Kiranreddyrebel) for reporting this issue.

2016-01-15 support.apple.com

A cross-site scripting issue was addressed. We would like to acknowledge Jaanus Kääp of Clarified Security and Geoffrey Van Den Berge (@geoffreyvdberge) for reporting this issue.

2016-01-15 wikid.filemaker.com

A cross-site scripting issue was addressed. We would like to acknowledge Micheal Cottingham for reporting this issue.

2016-01-11 itunesconnect.apple.com

A server configuration issue was addressed. We would like to acknowledge Rameen Mashhoon (hackerone.com/rmashhoon) for reporting this issue.

2016-01-04 ets-web.filemaker.apple.com

A server configuration issue was addressed. We would like to acknowledge Micheal Cottingham for reporting this issue.

Previous Apple Web Server notifications

For information about Apple Web Server notifications from previous years, see these documents:

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Risks are inherent in the use of the Internet. Contact the vendor for additional information. Other company and product names may be trademarks of their respective owners.